[pfSense Support] Problems setting up a VPN Tunnel to a PIX 515e

Sat, 14 Oct 2006 09:55:29 -0700

I'm trying out a pfSense based firewall for my local office, and I'm trying to setup a VPN to a Cisco PIX 515e in one of our production datacenters. I believe I am encountering some sort of error on the pfSense firewall. Stage1 exchange continually times out. I've quadruple checked all of the VPN parameters on both side and they are consistent. I notice whenever I "apply" VPN changes I get the following errors at the beginning of the VPN system log:
Oct 14 11:19:53 racoon: INFO: @(#)ipsec-tools 0.6.6 (http://ipsec-tools.sourceforge.net) Oct 14 11:19:53 racoon: INFO: @(#)This product linked OpenSSL 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/) Oct 14 11:19:53 racoon: INFO: fe80::1%lo0[500] used as isakmp port (fd=13) 
Oct 14 11:19:53     racoon: INFO: ::1[500] used as isakmp port (fd=14)
Oct 14 11:19:53     racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=15)
Oct 14 11:19:53 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument Oct 14 11:19:53 racoon: INFO: 192.168.2.254[500] used as isakmp port (fd=16) Oct 14 11:19:53 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument Oct 14 11:19:53 racoon: INFO: fe80::250:daff:fe28:ca4%xl2[500] used as isakmp port (fd=17) Oct 14 11:19:53 racoon: INFO: 216.62.203.233[500] used as isakmp port (fd=18) Oct 14 11:19:53 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument Oct 14 11:19:53 racoon: INFO: fe80::201:2ff:fe3f:58a7%xl1[500] used as isakmp port (fd=19) Oct 14 11:19:53 racoon: INFO: 209.198.142.210[500] used as isakmp port (fd=20) Oct 14 11:19:53 racoon: WARNING: setsockopt(UDP_ENCAP_ESPINUDP_NON_IKE): Invalid argument Oct 14 11:19:53 racoon: INFO: fe80::201:2ff:fe3c:a553%xl0[500] used as isakmp port (fd=21) 


I'm thinking this is the root cause of my problem, not a difference in 
configuration between the VPN tunnel end-points.  Does anyone know what 
would cause this and how to fix it?


Thank in advance,
-ryan

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to